Web Hosting Talk

bash to secure /tmp /dev/shm (help needed)


RAmoss
03-23-2010, 12:24 PM
Am I doing this right?

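SECURE_tmp()
{
    # Create a ~100 MB image file to hold the new /tmp filesystem
    cd /dev || return 1
    dd if=/dev/zero of=tmpMnt bs=1024 count=100000
    # -F: tmpMnt is a regular file, not a block device; without it mke2fs stops to ask for confirmation
    /sbin/mke2fs -F /dev/tmpMnt
    cd / || return 1
    # Back up the current /tmp contents before mounting over them
    cp -pR /tmp /tmp_backup
    mount -o loop,noexec,nosuid,rw /dev/tmpMnt /tmp
    chmod 1777 /tmp
    # "/." copies hidden files too, which "/*" would skip
    cp -pR /tmp_backup/. /tmp/
    # Make the mount persistent across reboots
    echo "/dev/tmpMnt /tmp ext2 loop,noexec,nosuid,rw 0 0" >> /etc/fstab
}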

Also, how would I do it for /dev/shm?

PCS-Chris
03-23-2010, 02:10 PM
I'm assuming you have copied a very old tutorial.

Nobody uses ext2 any more. You also don't need to create a new partition through the loopback device, unless there isn't one already (e.g. inside a VPS).

You just need to add "noexec,nosuid" to the relevant entries in /etc/fstab.
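
One way to check the fstab entries mentioned above, as an added example that is not part of the original thread: a POSIX shell audit that reads fstab-format text and reports whether /tmp and /dev/shm carry noexec and nosuid, including the case where no entry exists. The function names, return codes and sample fstab are constructed for illustration.

```shell
#!/bin/sh
# Return codes (chosen for this example): 0 = noexec and nosuid both set,
# 1 = entry exists but an option is missing, 2 = no entry for the mount point.
check_mount_opts() {
    # $1 = fstab-format file (/etc/fstab or /proc/mounts), $2 = mount point
    awk -v mp="$2" '
        $1 ~ /^#/ || NF < 4 { next }          # skip comments and short lines
        $2 == mp {
            found = 1
            noexec = 0; nosuid = 0            # last matching entry wins
            n = split($4, opt, ",")
            for (i = 1; i <= n; i++) {
                if (opt[i] == "noexec") noexec = 1
                if (opt[i] == "nosuid") nosuid = 1
            }
        }
        END {
            if (!found) exit 2
            exit ((noexec && nosuid) ? 0 : 1)
        }' "$1"
}

audit_fstab() {
    # Print one status line per mount point; return 1 if any is not hardened.
    rc=0
    for mp in /tmp /dev/shm; do
        status=0
        check_mount_opts "$1" "$mp" || status=$?
        case $status in
            0) echo "OK       $mp has noexec,nosuid" ;;
            1) echo "WEAK     $mp is listed without noexec and/or nosuid"; rc=1 ;;
            2) echo "MISSING  $mp has no entry in $1"; rc=1 ;;
        esac
    done
    return $rc
}

write_sample_fstab() {
    # Constructed sample input, not taken from the thread.
    cat <<'EOF'
# device   mountpoint  type   options                 dump pass
/dev/sda1  /           ext3   defaults                1 1
/dev/sda3  /tmp        ext3   defaults,noexec,nosuid  1 2
tmpfs      /dev/shm    tmpfs  defaults                0 0
EOF
}

sample=$(mktemp); write_sample_fstab > "$sample"
audit_fstab "$sample" || true
rm -f "$sample"
```

Pointing `audit_fstab` at /proc/mounts instead of /etc/fstab shows the options currently in effect rather than the ones configured for the next boot.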

RAmoss
03-23-2010, 02:20 PM
What if the entries are not in /etc/fstab? Don't I need to create the partitions?

PCS-Chris
03-23-2010, 02:24 PM
If there is no /tmp partition then yes you need to create one.

RAmoss
03-23-2010, 02:30 PM
Is there a correct way to do it? Am I not doing it right?